Добавил:
Teana
Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз:
Предмет:
Файл:Enterprise JavaBeans™ Specification, v1.1 - Sun Microsystems.pdf
X
- •Chapter 1 Introduction
- •1.1 Target audience
- •1.2 What is new in EJB 1.1
- •1.3 Application compatibility and interoperability
- •1.4 Acknowledgments
- •1.5 Organization
- •1.6 Document conventions
- •Chapter 2 Goals
- •2.1 Overall goals
- •2.2 Goals for Release 1.0
- •2.3 Goals for Release 1.1
- •Chapter 3 EJB Architecture Roles and Scenarios
- •3.1 EJB Architecture Roles
- •3.1.1 Enterprise Bean Provider
- •3.1.2 Application Assembler
- •3.1.3 Deployer
- •3.1.4 EJB Server Provider
- •3.1.5 EJB Container Provider
- •3.1.6 System Administrator
- •3.2 Scenario: Development, assembly, and deployment
- •Chapter 4 Overview
- •4.1 Enterprise Beans as components
- •4.1.1 Component characteristics
- •4.1.2 Flexible component model
- •4.2 Enterprise JavaBeans Architecture contracts
- •4.2.1 Client-view contract
- •4.2.2 Component contract
- •4.2.4 Contracts summary
- •4.3 Session and entity objects
- •4.3.1 Session objects
- •4.3.2 Entity objects
- •4.4 Standard mapping to CORBA protocols
- •Chapter 5 Client View of a Session Bean
- •5.1 Overview
- •5.2 EJB Container
- •5.2.1 Locating a session bean’s home interface
- •5.2.2 What a container provides
- •5.3 Home interface
- •5.3.1 Creating a session object
- •5.3.2 Removing a session object
- •5.4 EJBObject
- •5.5 Session object identity
- •5.6 Client view of session object’s life cycle
- •5.7 Creating and using a session object
- •5.8 Object identity
- •5.8.1 Stateful session beans
- •5.8.2 Stateless session beans
- •5.8.3 getPrimaryKey()
- •5.9 Type narrowing
- •Chapter 6 Session Bean Component Contract
- •6.1 Overview
- •6.2 Goals
- •6.3 A container’s management of its working set
- •6.4 Conversational state
- •6.4.1 Instance passivation and conversational state
- •6.4.2 The effect of transaction rollback on conversational state
- •6.5 Protocol between a session bean instance and its container
- •6.5.1 The required SessionBean interface
- •6.5.2 The SessionContext interface
- •6.5.3 The optional SessionSynchronization interface
- •6.5.4 Business method delegation
- •6.5.5 Session bean’s ejbCreate(...) methods
- •6.5.6 Serializing session bean methods
- •6.5.7 Transaction context of session bean methods
- •6.6 STATEFUL Session Bean State Diagram
- •6.6.1 Operations allowed in the methods of a stateful session bean class
- •6.6.2 Dealing with exceptions
- •6.6.3 Missed ejbRemove() calls
- •6.6.4 Restrictions for transactions
- •6.7 Object interaction diagrams for a STATEFUL session bean
- •6.7.1 Notes
- •6.7.2 Creating a session object
- •6.7.3 Starting a transaction
- •6.7.4 Committing a transaction
- •6.7.5 Passivating and activating an instance between transactions
- •6.7.6 Removing a session object
- •6.8 Stateless session beans
- •6.8.1 Stateless session bean state diagram
- •6.8.2 Operations allowed in the methods of a stateless session bean class
- •6.8.3 Dealing with exceptions
- •6.9 Object interaction diagrams for a STATELESS session bean
- •6.9.1 Client-invoked create()
- •6.9.2 Business method invocation
- •6.9.3 Client-invoked remove()
- •6.9.4 Adding instance to the pool
- •6.10 The responsibilities of the bean provider
- •6.10.1 Classes and interfaces
- •6.10.2 Session bean class
- •6.10.3 ejbCreate methods
- •6.10.4 Business methods
- •6.10.5 Session bean’s remote interface
- •6.10.6 Session bean’s home interface
- •6.11 The responsibilities of the container provider
- •6.11.1 Generation of implementation classes
- •6.11.2 Session EJBHome class
- •6.11.3 Session EJBObject class
- •6.11.4 Handle classes
- •6.11.5 EJBMetaData class
- •6.11.6 Non-reentrant instances
- •6.11.7 Transaction scoping, security, exceptions
- •Chapter 7 Example Session Scenario
- •7.1 Overview
- •7.2 Inheritance relationship
- •7.2.1 What the session Bean provider is responsible for
- •7.2.2 Classes supplied by container provider
- •7.2.3 What the container provider is responsible for
- •Chapter 8 Client View of an Entity
- •8.1 Overview
- •8.2 EJB Container
- •8.2.1 Locating an entity bean’s home interface
- •8.2.2 What a container provides
- •8.3 Entity bean’s home interface
- •8.3.1 create methods
- •8.3.3 remove methods
- •8.4 Entity object’s life cycle
- •8.5 Primary key and object identity
- •8.6 Entity Bean’s remote interface
- •8.7 Entity bean’s handle
- •8.8 Entity home handles
- •8.9 Type narrowing of object references
- •Chapter 9 Entity Bean Component Contract
- •9.1 Concepts
- •9.1.1 Runtime execution model
- •9.1.2 Granularity of entity beans
- •9.1.3 Entity persistence (data access protocol)
- •9.1.3.1 Bean-managed persistence
- •9.1.3.2 Container-managed persistence
- •9.1.4 Instance life cycle
- •9.1.5 The entity bean component contract
- •9.1.5.1 Entity bean instance’s view:
- •9.1.5.2 Container’s view:
- •9.1.6 Operations allowed in the methods of the entity bean class
- •9.1.7 Caching of entity state and the ejbLoad and ejbStore methods
- •9.1.7.1 ejbLoad and ejbStore with the NotSupported transaction attribute
- •9.1.8 Finder method return type
- •9.1.9 Standard application exceptions for Entities
- •9.1.9.1 CreateException
- •9.1.9.2 DuplicateKeyException
- •9.1.9.3 FinderException
- •9.1.9.4 ObjectNotFoundException
- •9.1.9.5 RemoveException
- •9.1.10 Commit options
- •9.1.11 Concurrent access from multiple transactions
- •9.1.12 Non-reentrant and re-entrant instances
- •9.2 Responsibilities of the Enterprise Bean Provider
- •9.2.1 Classes and interfaces
- •9.2.2 Enterprise bean class
- •9.2.3 ejbCreate methods
- •9.2.4 ejbPostCreate methods
- •9.2.5 ejbFind methods
- •9.2.6 Business methods
- •9.2.7 Entity bean’s remote interface
- •9.2.8 Entity bean’s home interface
- •9.2.9 Entity bean’s primary key class
- •9.3 The responsibilities of the Container Provider
- •9.3.1 Generation of implementation classes
- •9.3.2 Entity EJBHome class
- •9.3.3 Entity EJBObject class
- •9.3.4 Handle class
- •9.3.5 Home Handle class
- •9.3.6 Meta-data class
- •9.3.7 Instance’s re-entrance
- •9.3.8 Transaction scoping, security, exceptions
- •9.3.9 Implementation of object references
- •9.4 Entity beans with container-managed persistence
- •9.4.2 ejbCreate, ejbPostCreate
- •9.4.3 ejbRemove
- •9.4.4 ejbLoad
- •9.4.5 ejbStore
- •9.4.7 primary key type
- •9.4.7.3 Special case: Unknown primary key class
- •9.5 Object interaction diagrams
- •9.5.1 Notes
- •9.5.2 Creating an entity object
- •9.5.3 Passivating and activating an instance in a transaction
- •9.5.4 Committing a transaction
- •9.5.5 Starting the next transaction
- •9.5.6 Removing an entity object
- •9.5.7 Finding an entity object
- •9.5.8 Adding and removing an instance from the pool
- •Chapter 10 Example entity scenario
- •10.1 Overview
- •10.2 Inheritance relationship
- •10.2.1 What the entity Bean Provider is responsible for
- •10.2.2 Classes supplied by Container Provider
- •10.2.3 What the container provider is responsible for
- •Chapter 11 Support for Transactions
- •11.1 Overview
- •11.1.1 Transactions
- •11.1.2 Transaction model
- •11.1.3 Relationship to JTA and JTS
- •11.2 Sample scenarios
- •11.2.1 Update of multiple databases
- •11.2.2 Update of databases via multiple EJB Servers
- •11.2.3 Client-managed demarcation
- •11.2.4 Container-managed demarcation
- •11.2.5 Bean-managed demarcation
- •11.2.6 Interoperability with non-Java clients and servers
- •11.3 Bean Provider’s responsibilities
- •11.3.1 Bean-managed versus container-managed transaction demarcation
- •11.3.1.1 Non-transactional execution
- •11.3.2 Isolation levels
- •11.3.3 Enterprise beans using bean-managed transaction demarcation
- •11.3.3.1 getRollbackOnly() and setRollbackOnly() method
- •11.3.4 Enterprise beans using container-managed transaction demarcation
- •11.3.4.1 javax.ejb.SessionSynchronization interface
- •11.3.4.2 javax.ejb.EJBContext.setRollbackOnly() method
- •11.3.4.3 javax.ejb.EJBContext.getRollbackOnly() method
- •11.3.5 Declaration in deployment descriptor
- •11.4 Application Assembler’s responsibilities
- •11.4.1 Transaction attributes
- •11.5 Deployer’s responsibilities
- •11.6 Container Provider responsibilities
- •11.6.1 Bean-managed transaction demarcation
- •11.6.2 Container-managed transaction demarcation
- •11.6.2.1 NotSupported
- •11.6.2.2 Required
- •11.6.2.3 Supports
- •11.6.2.4 RequiresNew
- •11.6.2.5 Mandatory
- •11.6.2.6 Never
- •11.6.2.7 Transaction attribute summary
- •11.6.2.8 Handling of setRollbackOnly() method
- •11.6.2.9 Handling of getRollbackOnly() method
- •11.6.2.10 Handling of getUserTransaction() method
- •11.6.2.11 javax.ejb.SessionSynchronization callbacks
- •11.7 Access from multiple clients in the same transaction context
- •11.7.1 Transaction “diamond” scenario with an entity object
- •11.7.2 Container Provider’s responsibilities
- •11.7.3 Bean Provider’s responsibilities
- •11.7.4 Application Assembler and Deployer’s responsibilities
- •11.7.5 Transaction diamonds involving session objects
- •Chapter 12 Exception handling
- •12.1 Overview and Concepts
- •12.1.1 Application exceptions
- •12.1.2 Goals for exception handling
- •12.2 Bean Provider’s responsibilities
- •12.2.1 Application exceptions
- •12.2.2 System exceptions
- •12.2.2.1 javax.ejb.NoSuchEntityException
- •12.3 Container Provider responsibilities
- •12.3.1 Exceptions from an enterprise bean’s business methods
- •12.3.2 Exceptions from container-invoked callbacks
- •12.3.3 javax.ejb.NoSuchEntityException
- •12.3.4 Non-existing session object
- •12.3.5 Exceptions from the management of container-managed transactions
- •12.3.6 Release of resources
- •12.3.7 Support for deprecated use of java.rmi.RemoteException
- •12.4 Client’s view of exceptions
- •12.4.1 Application exception
- •12.4.2 java.rmi.RemoteException
- •12.4.2.1 javax.transaction.TransactionRolledbackException
- •12.4.2.2 javax.transaction.TransactionRequiredException
- •12.4.2.3 java.rmi.NoSuchObjectException
- •12.5 System Administrator’s responsibilities
- •12.6 Differences from EJB 1.0
- •Chapter 13 Support for Distribution
- •13.1 Overview
- •13.2 Client-side objects in distributed environment
- •13.3 Standard distribution protocol
- •Chapter 14 Enterprise bean environment
- •14.1 Overview
- •14.2 Enterprise bean’s environment as a JNDI API naming context
- •14.2.1 Bean Provider’s responsibilities
- •14.2.1.1 Access to enterprise bean’s environment
- •14.2.1.2 Declaration of environment entries
- •14.2.2 Application Assembler’s responsibility
- •14.2.3 Deployer’s responsibility
- •14.2.4 Container Provider responsibility
- •14.3 EJB references
- •14.3.1 Bean Provider’s responsibilities
- •14.3.1.1 EJB reference programming interfaces
- •14.3.1.2 Declaration of EJB references in deployment descriptor
- •14.3.2 Application Assembler’s responsibilities
- •14.3.3 Deployer’s responsibility
- •14.3.4 Container Provider’s responsibility
- •14.4 Resource manager connection factory references
- •14.4.1 Bean Provider’s responsibilities
- •14.4.1.1 Programming interfaces for resource manager connection factory references
- •14.4.1.2 Declaration of resource manager connection factory references in deployment descriptor
- •14.4.1.3 Standard resource manager connection factory types
- •14.4.2 Deployer’s responsibility
- •14.4.3 Container provider responsibility
- •14.4.4 System Administrator’s responsibility
- •14.5 Deprecated EJBContext.getEnvironment() method
- •14.6 UserTransaction interface
- •Chapter 15 Security management
- •15.1 Overview
- •15.2 Bean Provider’s responsibilities
- •15.2.1 Invocation of other enterprise beans
- •15.2.2 Resource access
- •15.2.3 Access of underlying OS resources
- •15.2.4 Programming style recommendations
- •15.2.5 Programmatic access to caller’s security context
- •15.2.5.1 Use of getCallerPrincipal()
- •15.2.5.2 Use of isCallerInRole(String roleName)
- •15.2.5.3 Declaration of security roles referenced from the bean’s code
- •15.3 Application Assembler’s responsibilities
- •15.3.1 Security roles
- •15.3.2 Method permissions
- •15.3.3 Linking security role references to security roles
- •15.4 Deployer’s responsibilities
- •15.4.1 Security domain and principal realm assignment
- •15.4.2 Assignment of security roles
- •15.4.3 Principal delegation
- •15.4.4 Security management of resource access
- •15.4.5 General notes on deployment descriptor processing
- •15.5 EJB Architecture Client Responsibilities
- •15.6 EJB Container Provider’s responsibilities
- •15.6.1 Deployment tools
- •15.6.2 Security domain(s)
- •15.6.3 Security mechanisms
- •15.6.4 Passing principals on EJB architecture calls
- •15.6.5 Security methods in javax.ejbEJBContext
- •15.6.6 Secure access to resource managers
- •15.6.7 Principal mapping
- •15.6.8 System principal
- •15.6.9 Runtime security enforcement
- •15.6.10 Audit trail
- •15.7 System Administrator’s responsibilities
- •15.7.1 Security domain administration
- •15.7.2 Principal mapping
- •15.7.3 Audit trail review
- •Chapter 16 Deployment descriptor
- •16.1 Overview
- •16.2 Bean Provider’s responsibilities
- •16.3 Application Assembler’s responsibility
- •16.4 Container Provider’s responsibilities
- •16.5 Deployment descriptor DTD
- •16.6 Deployment descriptor example
- •Chapter 17 Ejb-jar file
- •17.1 Overview
- •17.2 Deployment descriptor
- •17.5 Deprecated in EJB 1.1
- •17.5.1 ejb-jar Manifest
- •17.5.2 Serialized deployment descriptor JavaBeans™ components
- •Chapter 18 Runtime environment
- •18.1 Bean Provider’s responsibilities
- •18.1.1 APIs provided by Container
- •18.1.2 Programming restrictions
- •18.2 Container Provider’s responsibility
- •18.2.1 Java 2 Platform-based Container
- •18.2.1.1 Java 2 APIs requirements
- •18.2.1.2 EJB 1.1 requirements
- •18.2.1.3 JNDI 1.2 requirements
- •18.2.1.4 JTA 1.0.1 requirements
- •18.2.1.5 JDBC™ 2.0 extension requirements
- •18.2.2 JDK™ 1.1 based Container
- •18.2.2.1 JDK 1.1 APIs requirements
- •18.2.2.2 EJB 1.1 requirements
- •18.2.2.3 JNDI 1.2 requirements
- •18.2.2.4 JTA 1.0.1 requirements
- •18.2.2.5 JDBC 2.0 extension requirements
- •18.2.3 Argument passing semantics
- •Chapter 19 Responsibilities of EJB Architecture Roles
- •19.1 Bean Provider’s responsibilities
- •19.1.1 API requirements
- •19.1.2 Packaging requirements
- •19.2 Application Assembler’s responsibilities
- •19.3 EJB Container Provider’s responsibilities
- •19.4 Deployer’s responsibilities
- •19.5 System Administrator’s responsibilities
- •19.6 Client Programmer’s responsibilities
- •Chapter 20 Enterprise JavaBeans™ API Reference
- •package javax.ejb
- •package javax.ejb.deployment
- •Chapter 21 Related documents
- •Appendix A Features deferred to future releases
- •Appendix B Frequently asked questions
- •B.1 Client-demarcated transactions
- •B.2 Inheritance
- •B.3 Entities and relationships
- •B.4 Finder methods for entities with container-managed persistence
- •B.5 JDK 1.1 or Java 2
- •B.6 javax.transaction.UserTransaction versus javax.jts.UserTransaction
- •B.7 How to obtain database connections
- •B.8 Session beans and primary key
- •B.9 Copying of parameters required for EJB calls within the same JVM
- •Appendix C Revision History
- •C.1 Changes since Release 0.8
- •C.2 Changes since Release 0.9
- •C.3 Changes since Release 0.95
- •C.4 Changes since 1.0
- •C.5 Changes since 1.1 Draft 1
- •C.6 Changes since 1.1 Draft 2
- •C.7 Changes since EJB 1.1 Draft 3
- •C.8 Changes since EJB 1.1 Public Draft
- •C.9 Changes since EJB 1.1 Public Draft 2
- •C.10 Changes since EJB 1.1 Public Draft 3
- •C.11 Changes since EJB 1.1 Public Release
- •C.12 Changes since EJB 1.1 Public Release
Sun Microsystems Inc.
Security management |
Enterprise JavaBeans v1.1, Final Release |
System Administrator’s responsibilities |
15.6.10 Audit trail
The EJB Container may provide a security audit trail mechanism. A security audit trail mechanism typically logs all java.security.Exceptions. It also logs all denials of access to EJB Servers, EJB Container, EJB remote interfaces, and EJB home interfaces.
15.7 System Administrator’s responsibilities
This section defines the security-related responsibilities of the System Administrator. Note that some responsibilities may be carried out by the Deployer instead, or may require cooperation of the Deployer and the System Administrator.
15.7.1 Security domain administration
The System Administrator is responsible for the administration of principals. Security domain administration is beyond the scope of the EJB specification.
Typically, the System Administrator is responsible for creating a new user account, adding a user to a user group, removing a user from a user group, and removing or freezing a user account.
15.7.2 Principal mapping
If the client is in a different security domain than the target enterprise bean, the system administrator is responsible for mapping the principals used by the client to the principals defined for the enterprise bean. The result of the mapping is available to the Deployer.
The specification of principal mapping techniques is beyond the scope of the EJB architecture.
15.7.3 Audit trail review
If the EJB Container provides an audit trail facility, the System Administrator is responsible for its management.
[18] The enterprise bean is installed each time using a different JNDI name.
11/24/99 |
238 |
Соседние файлы в предмете Программирование